How was the Logstash Plugin installed: sudo /usr/share/logstash/bin/logstash-plugin install logstash-output-elasticsearch
logstash-output-elasticsearch version: 11.19.0
JVM:
Bundled JDK
openjdk version "17.0.9" 2023-10-17
OpenJDK Runtime Environment Temurin-17.0.9+9 (build 17.0.9+9)
OpenJDK 64-Bit Server VM Temurin-17.0.9+9 (build 17.0.9+9, mixed mode, sharing)
OS version:
Linux rpi4srv2 6.1.0-rpi6-rpi-v8 #1 SMP PREEMPT Debian 1:6.1.58-1+rpt2 (2023-10-27) aarch64 GNU/Linux
Description of the problem including expected versus actual behavior:
Plug-in fails with the error as show in the log excerpt and keeps retrying.
Permissions look good.
Logstash information:
sudo /usr/share/logstash/bin/logstash-plugin install logstash-output-elasticsearch
JVM: Bundled JDK openjdk version "17.0.9" 2023-10-17 OpenJDK Runtime Environment Temurin-17.0.9+9 (build 17.0.9+9) OpenJDK 64-Bit Server VM Temurin-17.0.9+9 (build 17.0.9+9, mixed mode, sharing)
OS version: Linux rpi4srv2 6.1.0-rpi6-rpi-v8 #1 SMP PREEMPT Debian 1:6.1.58-1+rpt2 (2023-10-27) aarch64 GNU/Linux
Description of the problem including expected versus actual behavior: Plug-in fails with the error as show in the log excerpt and keeps retrying. Permissions look good.
/etc/logstash/conf.d/wazuh-elasticsearch.conf:
Alerts file permissions:
-rw-rw---- 2 wazuh wazuh 447351 Nov 22 18:06 /var/ossec/logs/alerts/alerts.json
logstash user is in wazuh group
Provide logs (if relevant):